WordPress sites are in danger of malware called wp-vcd, which is hidden in legitimate WordPress files and that is used to add a secret admin user and grant hackers control over infected sites. The malware was first spotted online this summer by...